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Sir: 

This Appeal Brief is submitted in support of the Notice of Appeal filed November 21, 
2007, wherein Appellants appeal from the Examiner's rejection of claims 1-18. 

I. REAL PARTY IN INTEREST 

This application is assigned to IBM Corporation by assignment recorded on August 6, 
2003, at Reel 014377, Frame 0162. 

II. RELATED APPEALS AND INTERFERENCES 



Appellants are unaware of any related appeals and interferences. 
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III. STATUS OF CLAIMS 

Claims 1-18 are pending and two-times rejected in this Application. It is from the 
multiple rejections of claims 1-18 that this Appeal is taken. 

IV. STATUS OF AMENDMENTS 

The claims have not been amended subsequent to the imposition of the Second and Final 
Office Action dated August 21, 2007 (hereinafter the Second Office Action). 

V. SUMMARY OF CLAIMED SUBJECT MATTER 

1 Referring to Figure 3 and also to independent claim 1 , a systems administration policy 

2 enforcement method is disclosed. Responsive to a request to perform an administrative task 

3 directed to a resource within a computing network in step 305 (see lines 6-7 of paragraph 

4 [0024]), an administration policy comprising a set of rules for governing the administrative task 

5 is retrieved in step 325 (lines 1-2 of paragraph [0025]), state data for the resource is retrieved is 

6 step 330 (lines 2-4 of paragraph [0025]), and the retrieved policy to is applied the retrieved state 

7 data 335 (lines 4-6 of paragraph [0025]). In steps 340, 345, the administrative task is permitted 

8 only if the further retrieved state data satisfies the set of rules in the retrieved policy (lines 6-8 of 

9 paragraph [0025]). 

10 Referring to Figure 2 and also to independent claim 9, a system administration policy 

1 1 enforcement system is disclosed. The system includes an administration policy 250, a policy 

12 evaluation component 240, and an exit routine 220. The administration policy 250 comprising a 

13 set of rules for permitting and disallowing administration of resources in a system hosting a 

14 plurality of interdependent resources (lines 1-6 of paragraph [0023]). The policy evaluation 
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1 component is configured to retrieve resource state data 280 and determine whether the retrieved 

2 resource state data 280 satisfies the set of rules in the administration policy 250 (lines 1-11 of 

3 paragraph [0023]). The exit routine 220 is coupled to a resource 210 in the network (lines 7-8 of 

4 paragraph [0022]), and the exit routine has logic for forwarding requests 290 to administer the 

5 resource to the policy evaluation component 240 (lines 9-12 of paragraph [0022]. 

6 Referring to Figure 3 and also to independent claim 11, a computer program for 

7 enforcing a systems administration policy enforcement method is disclosed. Responsive to a 

8 request to perform an administrative task directed to a resource within a computing network in 

9 step 305 (see lines 6-7 of paragraph [0024]), an administration policy comprising a set of rules 

10 for governing the administrative task is retrieved in step 325 (lines 1-2 of paragraph [0025]), 

11 state data for the resource is retrieved is step 330 (lines 2-4 of paragraph [0025]), and the 

12 retrieved policy to is applied the retrieved state data 335 (lines 4-6 of paragraph [0025]). In steps 

13 340, 345, the administrative task is permitted only if the further retrieved state data satisfies the 

14 set of rules in the retrieved policy (lines 6-8 of paragraph [0025]). 

VI. GROUNDS OF REJECTION TO BE REVIEWED ON APPEAL 

1. Claims 1-2, 9, and 11-12 were rejected under 35 U.S.C. § 103 for obviousness based 
upon Lortz, U.S. Patent Publication No. 2003/0018796, in view of Hopmann et al, U.S. Patent 
No. 6,499,031 (hereinafter Hopmann); 

2. Claims 3 and 13 were rejected under 35 U.S.C. § 103 for obviousness based upon 
Lortz in view of Hopmann and Bell et al., U.S. Patent No. 6,880,005 (hereinafter Bell); 

3. Claims 4-7 and 14-17 were rejected under 35 U.S.C. § 103 for obviousness based 
upon Lortz in view of Hopmann and Burns et al., U.S. Patent Publication No. 2003/0014644 
(hereinafter Burns); and 
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4. Claims 8 and 18 were rejected under 35 U.S.C. § 103 for obviousness based upon 
Lortz in view of Hopmann and Hall, U.S. Patent No. 5,930,479; and 

5. Claim 10 was rejected under 35 U.S.C. § 103 for obviousness based upon Lortz in 
view of Hopmann and Krumel, U.S. Patent Publication No. 2002/0083331. 
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VII. ARGUMENT 



1 The Rejection of Claims 1-2, 9, and 11-12 Under 35 U.S.C. $ 102 for 

2 Obviousness based upon Lortz in view of Hopmann 

3 For convenience of the Honorable Board in addressing the rejections, claims 2, 9, and 11- 

4 12 stand or fall together with independent claim 1 . 
5 

6 Claim 1 

7 On pages 8 and 9 of the Request for Reconsideration filed July 16, 2007 (hereinafter the 

8 First Response), Appellants presented the following arguments. In the eleventh enumerated 

9 paragraph on page 5 of the First Office Action, the Examiner asserted the following regarding 

10 the teachings of Lortz: 

11 As to claims 1 and 11, Lortz shows a systems administration policy enforcement method, 

12 and a machine readable storage having stored thereon a program for causing a machine to perform 

13 such a method (inherent to any computer-implemented system), comprising: responsive to a 

14 request to perform an administrative task (comprising a resource request, which can include 

15 administrative tasks such as editing: see [0021]) directed to a resource (resource device 14) within 

16 a computing network (network 16), retrieving an administration policy comprising a set of rules 

17 for governing said administrative task (the policy comprising policy data and the rules comprising 

18 access control entries: see [0019] and [0044]-[0045]), and permitting said administrative task only 

19 if a set of rules in said retrieved policy are satisfied (see step 310 in Fig. 4C and [0045]). 
20 

21 Appellants respectfully disagree with the Examiner's analysis for several reasons. 
22 

23 For example, the Examiner cited paragraph [0021] of Lortz to teach the claimed 

24 "responsive to a request to perform an administrative task." For ease of reference, paragraph 

25 [002 1 ] of Lortz is reproduced below: 

26 In addition, the ACE attribute 43 can include an access permission level attribute 44 that 

27 can be set to one of four access levels of permission in decreasing order of authority: (1) "owner" 

28 level which is the highest level of access, (2) "editor" level which allows access for editing, (3) 

29 "reviewer" level which allows access for reading only, and (4) "none" level which denies all 

30 access. The interpretation of the values specified in the access permission level attribute 44 can 

3 1 depend on the particular resource device 14. The permission level attribute 44 can be arranged to 
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1 provide a hierarchy of permission levels. For example, a principal with a high access permission 

2 level also may be granted the privileges associated with a lower access permission level. 
3 

4 Absent from this teaching is " a request to perform an administrative task" (emphasis added). 

5 Thus, the Examiner has failed to properly identify within Lortz the features being relied upon in 

6 the statement of the rejection. 
7 



8 In the sixth enumerated paragraph on page 3 of the Second Office Action, the Examiner 

9 responded as follows: 

10 In response to the argument that Lortz fails to show "a request to perform an 

1 1 administrative task," Applicant is directed to paragraph [0045], which discusses a "resource 

12 request." 
13 

14 Appellants submit that the Examiner's analysis is deficient on several levels. First, the Examiner 

15 has failed to provide a claim construction for the claimed "a request to perform an administrative 



16 task." Moreover, the Examiner has failed to explain why the Examiner's claim construction 

17 would be considered reasonable to one having ordinary skill in the art and reflect the broadest 

18 reasonable interpretation of that language consistent with Appellants' specification. 
19 

20 A proper construction of the term "administrative task" must recognize that not all tasks 

21 are considered "administrative." For example, tasks associated with the general, everyday 

22 operation of a system would not be considered administrative. Instead, a task, for example, 

23 associated with how the system operates (i.e., management tasks such as setting access levels) 

24 could be considered an "administrative task." Appellants also note that whether or not a 

25 particular task would be considered, by one having ordinary skill in the art, as an administrative 

26 task is also based upon the context in which the particular task is performed. For example, tasks 

27 in certain systems may be considered administrative tasks while in other systems, the same tasks 

28 may not be considered administrative tasks. A clue as to whether or not a particular task could 

6 
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1 be considered an "administrative task" is whether the entity performing the task has administrator 

2 privileges or is simply a general user. 
3 

4 Turning to the Examiner's cited passages of paragraph [0021] and [0045], the "resource 

5 request" identified by the Examiner does not appear to be performed by an entity with 

6 administrator privileges. Instead, the resource request appears to be part of the normal 

7 operations of the systems described by Lortz. A client requesting access to a resource is part of 

8 the normal operations of Lortz's system (see, e.g., paragraphs [0009]-[0010]). 
9 

10 By comparison, paragraph [0045] of Lortz describes making a determination to grant the 

1 1 client access based upon credentials of the client. Hypothetically, if Lortz were to describe a 

12 request to modify the credentials of the client, such a request could be considered comparable to 

13 the claimed "a request to perform an administrative task" since modifying the credentials of the 

14 client could be considered an administrative task. However, requesting access to a resource, as 

15 described by Lortz, which is done by every client does not identically disclose the claimed "a 

1 6 request to perform an administrative task." 
17 

18 



19 Regarding the Examiner's obviousness analysis, the Examiner asserted the following in 

20 the paragraph spanning pages 5 and 6 of the First Office Action: 

2 1 Lortz does not show retrieving state data for a resource and applying a policy to retrieved 

22 state data. Hopmann shows retrieving state data (comprising whether or not a resource is locked) 

23 for a resource and applying a policy to retrieved state data (the policy being that a resource is only 

24 available if it does not have a lock token: see lines 7-9 of col. 1 and col. 8, line 65 to col.9, line 2). 

25 It would have been obvious to one of ordinary skill in the art at the time of the invention to modify 

26 the invention of Lortz with the evaluation of state data as taught by Hopmann in order to prevent 

27 administrative task requests from overwriting one another (see Hopmann, col. 2, lines 14-18). 
28 
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1 As already noted above, accessing a resource alone (as taught by both Lortz and Hopmann) does 

2 not disclose the claimed "administrative task directed to a resource within a computing network." 

3 An administrator, to be an administrator, already has access to the resource. Although selecting 

4 which entities may have access to a resource could be considered an administrative task, the 

5 selection of who gets to access the source is different from merely accessing the resource, which 

6 is described by the applied prior art. Thus, even if Lortz were modified in view of Hopmann, the 

7 claimed invention would not result. The Examiner did not address these specific arguments in 

8 the Second Office Action. 
9 

10 Appellants also note that that combination of Lortz and Hopmann would not arrived at 

1 1 the claimed invention even if one having ordinary skill in the art could consider the editing of 

12 resources, as taught by Lortz, as being comparable to the claimed "administrative task." The 

13 alleged "state data" described by Hopmann (i.e., whether or not the resource is locked) is not 

14 relevant to the level of permission (i.e., see paragraph [0021]) described by Lortz. Instead, the 

15 level of permission is directly related to the identity of the client requesting access to the 

1 6 resource and not to the resource itself. 
17 

18 Appellants also note that Hopmann fails to teach the claimed "state data for said 

19 resource." Whether or not a resource is "locked" or "unlocked" does not describe disclose "state 

20 data for said resource." A lock is external to the resource and does not reflect the state of the 

21 resource. In this regard, Appellants respectfully submit that the Examiner has failed to provide a 

22 claim construction for the term "state data" and failed to provide evidence that one having 

8 
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1 ordinary skill in the art would recognize that a resource being locked is "state data," given the 

2 broadest reasonable interpretation of the term consistent with Appellants' specification. 
3 

4 The Rejection of Claims 3 and 13 Under 35 U.S.C. § 103 for Obviousness based 

5 UPON LORTZ IN VIEW OF HOPMANN AND BELL 

6 For convenience of the Honorable Board in addressing the rejections, claim 13 stands or 

7 falls together with dependent claim 3 . 

8 

9 Claims 3 and 13 respectively depend from independent claims 1 and 11, and Appellants 



1 0 incorporate herein the arguments previously advanced in traversing the imposed rejection of claims 

1 1 1 and 1 1 under 35 U.S.C. § 103 for obviousness based upon Lortz in view Hopmann. The tertiary 

12 reference to Bell does not cure the argued deficiencies of the prior rejection. Accordingly, even if 

13 one having ordinary skill in the art were motivated to modify Lortz in view Hopmann and Bell, the 

14 claimed invention would not result. Appellants, therefore, respectfully submit that the imposed 

15 rejection of claims 3 and 13 under 35 U.S.C. § 103 for obviousness based upon Lortz in view 

1 6 Hopmann and Bell is not viable. 
17 



18 The Rejection of Claims 4-7 and 14-17 Under 35 U.S.C. § 103 for Obviousness 

19 based upon Lortz in view of Hopmann and Burns 

20 For convenience of the Honorable Board in addressing the rejections, claim 14 stands or 

21 falls together with dependent claim 4, and claims 6-7 and 15-17 stand or fall together with 

22 dependent claim 5. 
23 
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1 Claims 4-7 and 14-17 respectively depend from independent claims 1 and 11, and 

2 Appellants incorporate herein the arguments previously advanced in traversing the imposed 

3 rejection of claims 1 and 11 under 35 U.S.C. § 103 for obviousness based upon Lortz in view 

4 Hopmann. The tertiary reference to Burns does not cure the argued deficiencies of the prior 

5 rejection. Accordingly, even if one having ordinary skill in the art were motivated to modify Lortz 

6 in view Hopmann and Burns, the claimed invention would not result. Appellants, therefore, 

7 respectfully submit that the imposed rejection of claims 4-7 and 14-17under 35 U.S.C. § 103 for 

8 obviousness based upon Lortz in view Hopmann and Burns is not viable. 
9 

10 Claim 4 

1 1 Claim 4 recites the following limitations: 

12 wherein said step of further retrieving said state data, comprises retrieving state 

13 data both for said resource and also for other related resources in said computing 

14 network. 
15 

16 To teach these limitations, the Examiner asserted the following in the seventeenth enumerated 

17 paragraph on page 9 of the Second Office Action: 

1 8 Bums shows retrieving state data for other related resources in a computing network (see 

19 [0038]). It would have been obvious to one of ordinary skill in the art at the time of the invention 

20 to modify the invention of Lortz in view of Hopmann with the state retrieval of Burns in order to 

21 ensure that all the relevant network policies are upheld (see Burns, lines 9-13 of [0038]). 
22 

23 For ease of reference, the Examiner's cited passage of paragraph [0038] is reproduced below: 

24 As indicated earlier, the policy engine begins by receiving the current state of the 

25 network through network-state interface 110. This state will include the network elements and 

26 their types, the services and capabilities supported by these elements, the current setting for 

27 configurable parameters, and each element's neighboring network elements, etc. Using this 

28 information, the policy engine then constructs a network connectivity graph of the network (i.e., 

29 the network topology). Again, the policy engine does not rely on prior state information, including 

30 prior topologies. Once having this basic information, the policy engine proceeds to cycle through 

3 1 the policy statements one -by-one to determine if each statement is upheld. The policy engine 

32 verifies policy statements by attempting to break the policy. In other words, if the policy says to 

33 deny access to a service, the policy engine attempts to find ways to gain access to the service. 
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1 Similarly, if the policy statement says to grant access, the policy engine attempts to determine if 

2 access is denied. 
3 

4 The Examiner has failed to provide any reasonable explanation as to why one having 



5 ordinary skill in the art would have been reasonably impelled to retrieve state data for other 

6 related resources in a computing network when the Examiner's alleged administrative task (i.e., 

7 to edit/access the resource) does not appear to be affected by the "other related resources" in the 

8 computing network. The Examiner's alleged rationale (i.e., "in order to ensure that all the 

9 relevant network policies are upheld") is a generalization that is completely divorced from the 

10 specific teachings of Lortz. Appellants are entirely unclear as to what "relevant network 

11 policies" need to be upheld in order for a client to edit/access a resource (i.e., the alleged 

12 administrative task) and why this is necessary in order to permit the administrative task. 
13 

14 Claim 5 

15 Claim 5 recites several additional steps to be performed, which the Examiner admits is 

16 not disclosed by the combination of Lortz and Hopmann. To teach these limitations, the 

17 Examiner asserted the following in the nineteenth and twentieth enumerated paragraphs on page 

18 1 0 of the Second Office Action: 



19 Burns shows identifying a related resource having a related resource state giving rise to 

20 state data for a resource failing to satisfy a set of rules in a retrieved policy (see lines 1-9 of [0039] 

21 and lines 6-10 of [0044]); and requesting remediation of said related resource state so that said 

22 related resource state satisfies said set of rules in said retrieved policy (see [0044]-[0045]). It 

23 would have been obvious to one of ordinary skill in the art at the time of the invention to further 

24 modify the invention of Lortz in view of Hopmann with the identification and remediation system 

25 of Burns in order to ensure security policies are upheld even when the state of the network and its 

26 components change (see Burns, [0011]). 

27 It is noted that the method of Lortz in view of Hopmann and Burns would permit said 

28 administrative task subsequent to a remediation of said related resource state, as the system would 

29 have no reason to disallow the task if the related resource state were remediated. 
30 



3 1 Appellants respectfully submit that Burns fails to teach the limitations for which Burns is being 

32 relied upon to teach. For example, Burns is being relied upon to teach the claimed "identifying a 
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1 related resource having a related resource state giving rise to said state data for said resource 

2 failing to satisfy said set of rules in said retrieved policy." However, referring to paragraph 

3 [0044], Burns describes "configurable parameters [that] can be altered to allow the packet to 

4 proceed," which are not comparable to "a related resource having a related resource state." 
5 

6 Moreover, Appellants note that the alleged "state data" being relied upon in the rejection 

7 of claim 1 is whether or not a resource is locked, yet a comparable teaching is not found in the 

8 Examiner's cited passages in Burns. Thus, the Examiner is attempting to match different 

9 teachings in Burns and Hopmann without establishing that one having ordinary skill in the art 

10 would recognize the teachings as to the configurable parameters of Burns (e.g., a new firewall 

1 1 filter) are applicable to a resource being locked/unlocked, as described in Hopmann. 
12 



13 Claim 5 further recites "requesting remediation of said related resource state so that said 

14 related resource state satisfies said set of rules in said retrieved policy," yet Appellants are 

15 unclear where, within Burns, these limitations are taught. 
16 

17 The Rejection of Claims 8 and 18 Under 35 U.S.C. $ 103 for Obviousness based 

18 UPON LORTZ IN VIEW OF HOPMANN AND HALL 

19 For convenience of the Honorable Board in addressing the rejections, claims 8 and 18 

20 stand or fall together with independent claim 1 . 
21 

22 Claims 8 and 18 respectively depend from independent claims 1 and 11, and Appellants 

23 incorporate herein the arguments previously advanced in traversing the imposed rejection of claims 



12 



Application No.: 10/635,586 

1 1 and 11 under 35 U.S.C. § 103 for obviousness based upon Lortz in view Hopmann. The tertiary 

2 reference to Hall does not cure the argued deficiencies of the prior rejection. Accordingly, even if 

3 one having ordinary skill in the art were motivated to modify Lortz in view Hopmann and Hall, the 

4 claimed invention would not result. Appellants, therefore, respectfully submit that the imposed 

5 rejection of claims 8 and 18 under 35 U.S.C. § 103 for obviousness based upon Lortz in view 

6 Hopmann and Hall is not viable. 
7 

8 The Rejection of Claim 10 Under 35 U.S.C. $ 103 for Obviousness based upon 

9 Lortz in view of Hopmann and Krum 

10 For convenience of the Honorable Board in addressing the rejections, claim 10 stands or 

1 1 falls together with independent claim 9. 
12 

13 Claim 10 depends from independent claim 9, and Appellants incorporate herein the 

14 arguments previously advanced in traversing the imposed rejection of claim 9 under 35 U.S.C. § 

15 103 for obviousness based upon Lortz in view Hopmann. The tertiary reference to Krumel does not 

16 cure the argued deficiencies of the prior rejection. Accordingly, even if one having ordinary skill in 

17 the art were motivated to modify Lortz in view Hopmann and Krumel, the claimed invention would 

18 not result. Appellants, therefore, respectfully submit that the imposed rejection of claim 9 under 

19 35 U.S.C. § 103 for obviousness based upon Lortz in view Hopmann and Krumel is not viable. 
20 
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1 Conclusion 

2 Based upon the foregoing, Appellants respectfully submit that the Examiner's rejections 

3 under 35 U.S.C. § 103 based upon the applied prior art is not viable. Appellants, therefore, 

4 respectfully solicit the Honorable Board to reverse the Examiner's rejection under 35 U.S.C. § 103. 
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To the extent necessary, a petition for an extension of time under 37 C.F.R. § 1.136 is 
hereby made. Please charge any shortage in fees due under 37 C.F.R. §§ 1.17, 41.20, and in 
connection with the filing of this paper, including extension of time fees, to Deposit Account 09- 
0461, and please credit any excess fees to such deposit account. 

Date: January 22, 2008 Respectfully submitted, 

/Scott D. Paul/ 



Scott D. Paul 
Registration No. 42,984 
Steven M. Greenberg 
Registration No. 44,725 
Phone: (561)922-3845 
CUSTOMER NUMBER 46320 
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VIII. CLAIMS APPENDIX 

1 . A systems administration policy enforcement method comprising the steps of: 
responsive to a request to perform an administrative task directed to a resource within a 

computing network, retrieving an administration policy comprising a set of rules for governing 
said administrative task, further retrieving state data for said resource and applying said retrieved 
policy to said retrieved state data; and, 

permitting said administrative task only if said further retrieved state data satisfies said 
set of rules in said retrieved policy. 

2. The method of claim 1, further comprising the steps of: 

providing a user interface for establishing said set of rules for said administration policy; 

and, 

storing said administration policy for subsequent retrieval in said retrieving step. 

3. The method of claim 1, further comprising the steps of: 

yet further retrieving environmental information for the computing network; and, 
further permitting said administrative task only if said yet further retrieved environmental 
data satisfies said set of rules in said retrieved policy. 

4. The method of claim 1, wherein said step of further retrieving said state data, 
comprises retrieving state data both for said resource and also for other related resources in said 
computing network. 

16 
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5. The method of claim 1, further comprising the steps of: 

disallowing said administrative task if said further retrieved state data fails to satisfy said 
set of rules in said retrieved policy; 

identifying a related resource having a related resource state giving rise to said state data 
for said resource failing to satisfy said set of rules in said retrieved policy; 

requesting remediation of said related resource state so that said related resource state 
satisfies said set of rules in said retrieved policy; and, 

further permitting said administrative task subsequent to a remediation of said related 
resource state. 

6. The method of claim 5, wherein said steps of disallowing, identifying, requesting and 
further permitting are performed autonomically. 

7. The method of claim 5, wherein said steps of disallowing, identifying, requesting and 
further permitting are performed recursively for each related resource whose state gives rise to a 
failure of said resource to satisfy said retrieved policy. 

8. The method of claim 1, further comprising the step of inserting an exit routine in an 
administration console of said resource, said exit routine having a configuration for forwarding 
requests to administer said resource to a policy evaluation component programmed to perform 
said steps of retrieving, further retrieving, applying and permitting. 
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9. A system administration policy enforcement system comprising: 

an administration policy comprising a set of rules for permitting and disallowing 
administration of resources in a system hosting a plurality of interdependent resources; 

a policy evaluation component configured to retrieve resource state data and determine 
whether said retrieved resource state data satisfies said set of rules in said administration policy; 
and, 

an exit routine coupled to a resource in said network, said exit routine having logic for 
forwarding requests to administer said resource to said policy evaluation component. 

10. The system of claim 9, further comprising a rules engine coupled to said policy 
evaluation component and configured to retrieve said set of rules on behalf of said policy 
evaluation component. 

1 1 . A machine readable storage having stored thereon a computer program for enforcing 
a systems administration policy, said computer program comprising a routine set of instructions 
for causing the machine to perform the steps of: 

responsive to a request to perform an administrative task directed to a resource within a 
computing network, retrieving an administration policy comprising a set of rules for governing 
said administrative task, further retrieving state data for said resource, and applying said 
retrieved policy to said retrieved state data; and, 

permitting said administrative task only if said further retrieved state data satisfies said 
set of rules in said retrieved policy. 
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12. The machine readable storage of claim 11, further comprising the steps of: 
providing a user interface for establishing said set of rules for said administration policy; 

and, 

storing said administration policy for subsequent retrieval in said retrieving step. 

13. The machine readable storage of claim 11, further comprising the steps of: 
yet further retrieving environmental information for the computing network; and, 
further permitting said administrative task only if said yet further retrieved environmental 

data satisfies said set of rules in said retrieved policy. 

14. The machine readable storage of claim 11, wherein said step of further retrieving 
said state data, comprises retrieving state data both for said resource and also for other related 
resources in said computing network. 

15. The machine readable storage of claim 11, further comprising the steps of: 
disallowing said administrative task if said further retrieved state data fails to satisfy said 

set of rules in said retrieved policy; 

identifying a related resource having a related resource state giving rise to said state data 
for said resource failing to satisfy said set of rules in said retrieved policy; 

requesting remediation of said related resource state so that said related resource state 
satisfies said set of rules in said retrieved policy; and, 

further permitting said administrative task subsequent to a remediation of said related 
resource state. 
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16. The machine readable storage of claim 15, wherein said steps of disallowing, 
identifying, requesting and further permitting are performed autonomically. 

17. The machine readable storage of claim 15, wherein said steps of disallowing, 
identifying, requesting and further permitting are performed recursively for each related resource 
whose state gives rise to a failure of said resource to satisfy said retrieved policy. 

18. The machine readable storage of claim 11, further comprising the step of inserting an 
exit routine in an administration console of said resource, said exit routine having a configuration 
for forwarding requests to administer said resource to a policy evaluation component 
programmed to perform said steps of retrieving, further retrieving, applying and permitting. 
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IX. EVIDENCE APPENDIX 

No evidence submitted pursuant to 37 C.F.R. §§ 1.130, 1.131, or 1.132 of this title or of 
any other evidence entered by the Examiner has been relied upon by Appellants in this Appeal, 
and thus no evidence is attached hereto. 
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X. RELATED PROCEEDINGS APPENDIX 

Since Appellants are unaware of any related appeals and interferences, no decision 
rendered by a court or the Board is attached hereto. 
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